Wireshark is an open source packets analysis tool available for Linux, and other platforms. It is used to examine network packets for troubleshooting, development, and security. The Wireshark tool supports virtually all operating systems, including Ubuntu, Debian, Arch Linux, Fedora, OpenSUSE, and even Flatpak. To install Wireshark on Linux, open up a terminal by pressing Ctrl + Alt + T or Ctrl + Shift + T and follow the instructions below.
On Ubuntu, the best way to use Wireshark is to enable a third-party PPA. The reason is that the PPA will deliver quicker updates, which the Ubuntu operating system can’t provide.
To enable the third-party PPA, go to the terminal and use the add-apt-repository command.
sudo add-apt-repository ppa:wireshark-dev/stable
With the PPA added to Ubuntu, it’s time to use the update command, as it is required to download the release file for the Wireshark software repository.
sudo apt update
Upon using the update command, you’ll no doubt notice that there are software upgrades ready to install. It is important to install these pending upgrades so that Wireshark will run at its best.
To install the software upgrades, run the upgrade command.
sudo apt upgrade -y
With everything up to date, it’s safe to install the latest release of Wireshark on Ubuntu.
sudo apt install wireshark
There are Wireshark packages available for Debian users ready to install in the “Debian Main” software repository. To get it working on your system, use the Apt-get command below in a terminal window.
sudo apt-get install wireshark
Keep in mind that the Wireshark packages available to Debian users are woefully out of date. The reason as to why the program is out of date is because Debian Linux delivers software updates and new features at a much slower pace, compared to other operating systems.
If you’re not happy that the release of Wireshark on Debian Linux isn’t very new, you can enable Debian Backports to get more modern versions.
Don’t want to enable Debian Backports but still want a newer version of Wireshark? Consider following the Flatpak instructions in this guide instead.
Arch Linux instructions
Both the command-line and Qt release of Wireshark is available to Arch Linux users in the “Community” software repository. To install the software on your Arch PC, you must manually enable “Community,” as not every distribution has it turned on by default.
To enable “Community,” gain root in your terminal with su.
Once root is gained, open up the /etc/pacman.conf file in the Nano text editor.
nano -w /etc/pacman.conf
Scroll through the text editor till you find “Community” and remove the # symbol from in front of it, as well as the lines directly below it. After that, save the edits by pressing Ctrl + O, and exit with Ctrl + X.
Re-sync Pacman, so that you can add the Community packages into the program database on your PC.
Finally, install the latest release of Wireshark.
pacman -S wireshark-qt
pacman -S wireshark-cli
As of now, the Wireshark application is ready to use on Fedora Linux, thanks to its inclusion in the “Fedora i386,” and “Fedora x86_64” software repository. To get it working on your system, launch a terminal window and use the DNF package manager to load it up.
sudo dnf install wireshark
On the Wireshark website’s download page, the developers state that they support OpenSUSE Linux, but there isn’t a direct link to the package, unfortunately.
Despite the apparent neglect on the Wireshark developer’s part for OpenSUSE Linux users, the program is available through a wide variety of software repositories, with different versions.
As of now, the latest stable release for Leap 15, Leap 42.3 and Tumbleweed is version 2.4. Installing it requires no special steps. Just launch a terminal window and use the Zypper installer.
sudo zypper install wireshark
Wireshark 2.4 is a useful release for casual users, but if you’re on OpenSUSE and need the latest features, you’ll need to enable the third-party Network Utilities repo.
Note: it is currently only possible to install Wireshark 3 on OpenSUSE Leap 15. 42.3 and Tumbleweed are not currently supported.
To add the Network Utilities repo, use the zypper addrepo command.
sudo zypper addrepo http://widehat.opensuse.org/opensuse/repositories/network:/utilities/openSUSE_Leap_15.0/ network-utilities
With the new repo set up, use refresh.
sudo zypper refresh
Finally, install Wireshark
zypper install wireshark
Wireshark is up on the Flathub app store as a Flatpak package, so if you’re using a Linux distribution that the developers of Wireshark don’t support, you can easily install the app with the following commands.
Note: using Flatpak on Linux requires enabling the Flatpak runtime. If you’re unsure about how to install this runtime, check out our in-depth guide on the subject.
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo flatpak install flathub org.wireshark.Wireshark